In several applications, the supplier of the object allows the object to be used by the user for a limited number of occasions only. Each time the object is used, the fact of its use is recorded by permanently (and often irreversibly) modifying one bit of data held by the object.
It is in the supplier's interest and/or the user's interest, that the data stored on the object should not be capable of illicit access and/or modification.
Various techniques have therefore been evolved for preventing illicit modification of the data stored on the object and for preventing such normally secret data becoming known.
In one known system, where the objects in question are credit cards, and where use of the object requires the user to supply a code specific to the object, precautions are taken to prevent the code from being found out by trial and error testing of all possible codes. This is done by limiting the number of trials that any one reader will tolerate, and by the reader invalidating the card after a predetermined number of failures.
In a variant of the above technique the number of failed attempts is stored on the card, which is then invalidated after said predetermined number of failed attempts. However, storing failed attempts on the card suffers from the drawback of failing to distinguish between an un-interrupted sequence of failed attempts (assumed to be fraudulent) and the same number of failures interspersed by successful attempts (in which case the user is deemed to be clumsy or absent-minded rather than fraudulent).
Another fraudulent approach is to attempt to discover the authorization code by systematic testing using reading apparatus which does not make a record of failed attempts; such apparatus being, for example, in the form of standard reading apparatus which has been illicitly modified.